Tuesday, January 23, 2018

Ideally we would always remove administrator rights from all users. But in the real world, we unfortunately must deal with years of technical debt and poor architecture decisions that make the complete elimination of administrator rights difficult (or financially non-viable) for many organizations. So when faced with the task of prioritizing the removal of admin rights from users, where should you start?

There are many things to consider when removing administrator rights and these won’t apply to everyone (for instance some organizations are dealing with specific legacy software that requires admin rights). But when working with clients Rendition Infosec uses these considerations as our top three.

1. Users with access to sensitive information2. Users that use the machine to surf the Internet or open email attachments3. Machines that have direct Internet access